Loading...

XML

Word

Printable

NOTE: This suggestion is for Confluence Server and DC

Inside Confluence configuration file, in {confluence_home}/confluence.cfg.xml, the field for database password is not encrypted.

This allows anyone who has access to this file to view the current password assigned to the db.

duplicates

CONFSERVER-2146 Encrypt all passwords stored on the file system

followed by

CONFSERVER-74875 Integrate with confluence for new installs

CONFSERVER-74876 Allow encrypted database password configuration with AWS QuickStart/CloudFormation

CONFSERVER-74877 Allow encrypted database password configuration with Azure based installation

CONFSERVER-74878 Allow encrypted database password configuration with docker and k8s helm charts

is related to

JRASERVER-31004 Encrypt database password in dbconfig.xml

links to

Original (master branch) ticket on AsecJ > VULN

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(1 is related to, 1 links to, 5 mentioned in)